Never attack crypto. Even crappy crypto is hard to attack. Always attack the implementation.

2010/1/6 Johan Peder Møller <jo...@johans.dk>

> Hi all
>
> As I read it the password is checked using an algorithm that involves the 32
> Byte block. The result of this operation must be a certain value also 32
> byte long and this value is constant even if the password is changed. So by
> patching the software (or running it in a debugger) it is possible to make
> sure that the check is always successful. This means that the password is
> always correct and you can then gain access to the data via normal
> operation.
>
> So the weakness resides in the way the password is checked.
>
> rgds
> Johan Møller
>
> On Wed, Jan 6, 2010 at 4:55 AM, Michael Salmon <lonestar...@gmail.com> wrote:
>
>> Below is the whitepaper from the security company that discovered the
>> flaw. I uploaded the pdf document to Google Translator to try to read it.
>> My understanding is that basically the Kingston software, exmpsvr.exe,
>> creates this 32 byte block of data that doesn't change even if the password
>> is changed or the key is formatted and is used to decrypt the encrypted
>> data. Syss wrote a program that modifies the exmpsvr.exe application at
>> runtime and basically bypasses the password request code and jumps to the 32
>> byte block to start decrypting.
>>
>> Please correct me if I am wrong or I misunderstand, the translation is a
>> bit difficult for me to read.
>>
>> WhitePaper:
>> http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf
>>
>> CNET article:
>> http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm?tag=mncol;txt
>> Dark Reading:
>> http://www.darkreading.com/insiderthreat/security/encryption/showArticle.jhtml?articleID=222200174
>>
>> Thanks,
>>
>> Michael Salmon
>>
>> On Tue, Jan 5, 2010 at 9:51 PM, David A. Gershman <dagershman_...@dagertech.net> wrote:
>>
>>> Oh my, do tell. And please provide a link to the white paper if
>>> possible.
>>>
>>> > I hope I'm not double posting, but has anyone else seen the whitepaper on
>>> > the recently discovered vulnerability in FIPS certified
>>> > Kingston/Sandisk/Verbatim usb keys? It seems like a very amateur
>>> > vulnerability in the software.
>>>
>>> ----------------------------------------
>>> David A. Gershman
>>> gersh...@dagertech.net
>>> http://dagertech.net/gershman/
>>> "It's all about the path!" --d. gershman
>>> _______________________________________________
>>> Pauldotcom mailing list
>>> Pauldotcom@mail.pauldotcom.com
>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>> Main Web Site: http://pauldotcom.com
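
The design weakness discussed in this thread (a fixed 32-byte value that a password comparison merely gates), modelled next to a design where the data key can only be recovered from the password. This is an added example, not code from the thread, the whitepaper or the vendor's software; the class names, PBKDF2 parameters and the XOR-plus-HMAC wrap (a standard-library stand-in for a real key-wrap or AEAD) are assumptions.

```python
import hashlib, hmac, os

def kdf(password: str, salt: bytes) -> bytes:
    # 64 bytes: first 32 mask the data key, last 32 key the integrity tag.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class GatedStick:
    """Hypothetical model of the flawed design: fixed secret, password only gates it."""
    def __init__(self, password: str):
        self.salt = os.urandom(16)
        self.unlock_block = os.urandom(32)        # constant for the device's lifetime
        self.set_password(password)
    def set_password(self, password: str):
        self.verifier = kdf(password, self.salt)  # only the comparison value changes
    def unlock(self, password: str):
        ok = hmac.compare_digest(kdf(password, self.salt), self.verifier)
        return self.unlock_block if ok else None  # a single branch is the whole control

class WrappedStick:
    """Hypothetical hardened model: the data key is never stored unwrapped."""
    def __init__(self, password: str):
        self._wrap(os.urandom(32), password)
    def _wrap(self, data_key: bytes, password: str):
        self.salt = os.urandom(16)                # fresh salt per wrap, so the mask is never reused
        k = kdf(password, self.salt)
        self.wrapped = xor(data_key, k[:32])      # toy wrap; use AES key wrap or an AEAD in practice
        self.tag = hmac.new(k[32:], self.wrapped, hashlib.sha256).digest()
    def unlock(self, password: str, verify: bool = True):
        k = kdf(password, self.salt)
        tag = hmac.new(k[32:], self.wrapped, hashlib.sha256).digest()
        if verify and not hmac.compare_digest(tag, self.tag):
            return None
        return xor(self.wrapped, k[:32])          # wrong password yields a wrong key
    def change_password(self, old: str, new: str):
        key = self.unlock(old)
        if key is None:
            raise ValueError("wrong password")
        self._wrap(key, new)                      # same data key, new wrapping
```

In the gated model the secret is identical before and after a password change, so the comparison is the only thing protecting it; in the wrapped model, skipping the tag check with a wrong password still returns bytes that are not the data key.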